Tag
Open-WebSearch has a Server-Side Request Forgery (SSRF) vulnerability in the `fetchWebContent` MCP tool due to improper validation of IPv6 literals and lack of DNS resolution, allowing attackers to fetch arbitrary private-network URLs and receive the response body.